Zephyr security vulnerabilities

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from defects in the network stack. This vulnerability may lead to out-of-bound memory reads and information leaks...

kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()

An out of bounds OOB memory access flaw was found in the Linux kernel's ipv6 network subsystem. This could allow a local attacker to crash the system or leak kernel internal information...

SUSE-SU-2026:0315-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. - CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. -...

Oracle Linux 9 : kernel (ELSA-2026-1143)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1143 advisory. - Bluetooth: hcisock: Prevent race in socket write iter and sock bind CKI Backport Bot RHEL-139462 CVE-2025-68305 - dm: fix dmblkreportzones CKI Backpo...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39890:...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37961)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37961 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001097 advisory. The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted applicati...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002716 advisory. The tcpcwndreduction function in net/ipv4/tcpinput.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service divide-by-zero error and...

TinyOS 缓冲区错误漏洞

TinyOS is an operating system in the TinyOS open source. A buffer error vulnerability exists in TinyOS 2.1.2 and prior versions, which stems from a global buffer overflow in the printfUART formatted output implementation in the ZigBee/IEEE 802.15.4 network stack, which could lead to a denial of...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Properly handles Rx checksum offload errors. The stmmacrx function previously set skb-ipsummed to CHECKSUMUNNECESSARY if hardware checksum offloading was enabled and the packet had a known IP ethertype. However, this...

CVE-2017-18868

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...

CLSA-2025-1766617167 kernel: Fix of 27 CVEs

xfrm: Duplicate SPI Handling CVE-2025-39965 - xfrm: state: use atomicincnotzero to increment refcount - padata: Fix pd UAF once and for all CVE-2025-38584 - padata: Remove broken queue flushing CVE-2023-52854 - padata: ensure padatadoserial runs on the correct CPU - Bluetooth: L2CAP: Fix...

CVE-2023-54114 net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()

In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct macoffset to unwind gso skb in nshgsosegment As the call trace shows, skbpanic was caused by wrong skb-macheader in nshgsosegment: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 PID: 2737 Comm: syz Not...

CVE-2023-54094

CVE-2023-54094 — Linux kernel : The issue arises when GRO-ed packets (rx-gro-list) are bridged to local input and an egress device, where segmentation writes into cloned skbs with shared heads, risking skb corruption and a NULL dereference. A fix was implemented by uncloning as needed for the skb...

CVE-2023-54012

In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtual interface's feature is updated, it synchronizes the updated feature for its own lower interface. This propagation logic should be worked as the...

SUSE-SU-2026:20015-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

SUSE-SU-2026:20021-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

EUVD-2023-60174

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...

CVE-2025-40337

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Correctly handle Rx checksum offload errors The stmmacrx function would previously set skb-ipsummed to CHECKSUMUNNECESSARY if hardware checksum offload CoE was enabled and the packet was of a known IP ethertype...

Oracle Linux 10 : kernel (ELSA-2025-21118)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21118 advisory. - fs/smb: Fix inconsistent refcnt update Paulo Alcantara RHEL-124955 CVE-2025-39819 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. Antoine Tenart...